Oskar

1 exploit Active since Dec 2024
CVE-2024-55884 WRITEUP CRITICAL WRITEUP
Mullvad VPN client <2024.8 - Memory Corruption
In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the exception-handling alternate stack can be exhausted, leading to heap-based out-of-bounds writes in enable() in exception_logging/unix.rs, aka MLLVD-CR-24-01. NOTE: achieving code execution is considered non-trivial.
CVSS 9.0